Information Security Policy

INFORMATION SECURITY POLICY STATEMENT


Access Bank Zambia is committed to improving its information security posture and the resilience of its operations in the face of unforeseen events and disruptions, as well as ensuring the optimum delivery of financial services.


Access Bank Zambia has implemented and is certified to best practice standards ISO 27001 (Information Security Management System).


As part of its continued growth strategy, Access Bank is focused on mainstreaming sustainable business practices into its operations. We are also committed to the effective implementation, maintenance, and continual improvement of the information security management system to support the achievement of our business goals.


To achieve the Information Security objectives, Access Bank Zambia is committed to establishing a comprehensive information security policy framework 


This framework will encompass key policies addressing critical areas such as access control, system operations, data protection, incident management, business continuity, and secure usage of IT resources. These policies will be developed to ensure a structured approach to safeguarding information assets, mitigating security risks, and fostering a culture of security awareness across the organization.

 Access Bank Zambia’s Executive leadership is committed to proactively: 

  • Implement the necessary capabilities to ensure the continuity of its critical business functions in the event of a major disruption or disaster and to ensure the recovery of those critical functions to an operational state within an acceptable timeframe.
  • Ensure that Information Security Management System (ISMS) objectives are set and that adequate resources are allocated to achieve them. The ISMS objectives shall be consistent with business requirements and compatible with the strategic direction of the Bank.
  • Obtain ideas for improvement through regular meetings with customers and stakeholders.
  • Raise the awareness of all employees and stakeholders to ensure that the benefits of achieving the ISMS objectives are understood.
  • Ensure that all employees are made aware of and understand the IMS policy, procedures and supporting documentation through training and the provision of information. Compliance will be confirmed because of formal internal audits and management reviews, which will be conducted at least annually.
  • Continually improve the effectiveness of the ISMS across all areas within its scope.
  • Enhance current processes to bring them into line with good practice as defined within ISO 27001.
  • Achieve certification for the Information Security Management System and maintain it on an ongoing basis.
  • Increase the level of proactivity (and the stakeholder perception of proactivity) about the ongoing management of the ISMS.
  • Make processes and controls more measurable to provide a sound basis for informed decisions.


This policy is publicly available to all interested parties and is reviewed periodically to take account of applicable local, statutory, regulatory, and customer requirements and any changes in business activity.


This Policy applies to all Bank employees, its contractors, its consultants, and other individuals affiliated with Third Parties who have access to the Bank’s information or business interests.


Thank you.

Lishala C. Situmbeko
Managing Director, Access Bank Zambia.


Latest News

Access Bank Zambia Wins three (3) Prestigious Global Brands Magazine Awards Access Bank Zambia Commences System Integration with former Atlas Mara Government, Private Sector Collaboration Vital to address Health Sector Challenges Access Bank combination with Atlas Mara legally complete Access Bank Zambia Limited Completes Acquisition of Atlas Mara, Creates One of Zambia`s Top Five Banks